Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

IT and security teams are stuck between two bad options: over-automate on noisy, incomplete data and risk eroding trust, or avoid automation and drown in manual triage. With surging data volumes and increasingly complex stacks, both choices drive alert fatigue, longer MTTD/MTTR, and analyst burnout. Tines and Cribl offer an alternative vision.

Security and IT professionals know the pattern all too well: workplace stress peaks in the weeks leading up to major holidays. Teams face pressure to close out projects, meet year-end deadlines, and handle increased workloads with reduced staff. And to top it off, cyber threats don’t take holidays. In fact, attackers often exploit this exact window of vulnerability.

Patch management is one of those responsibilities everyone agrees is essential, yet very few teams feel confident about. The organizations I speak with every week are not struggling because they lack urgency or awareness. They are struggling because the environment around patching has changed dramatically.

Tines is vendor-agnostic and interoperability is core to our intelligent workflow platform. With each iteration of AI agents in Tines, we’re extending that interoperability. Today, that includes MCP support in the AI Agent action.

I first met Tines co-founders Eoin Hinchy and Thomas Kinsella more than a decade ago at eBay. Even then, we shared the same frustration: too much important work was slowed down by brittle processes, manual handoffs, and disconnected tools. We all believed technology should help people focus on meaningful work, not slow them down in muckwork. That idea has shaped my career ever since. I started out in security operations, using automation to make my own job easier.

SOAR was created to help security teams work faster and more consistently by automating and orchestrating core security operations. It has always had to adapt to new and evolving technologies, but our current AI era has brought about a turning point. As cloud environments scale, manual playbooks can’t keep up. Now, it’s not enough to automate. We need systems that can understand the context they’re running in and adapt accordingly.

This is the final post in a three part series examining the past, present and future of workflows. In the first two posts, we explored where workflows came from and what defines an intelligent workflow. This final article looks ahead. The goal is to understand how workflows will evolve in the coming years and why they will become central to how organizations run, make decisions, and adapt.

AI is becoming a routine part of technical operations. Teams use models to support ticket triage, incident routing, knowledge retrieval, code analysis, and customer interactions. As these agents move closer to production workflows, the conversation about security becomes much more important. One of the most persistent and widely misunderstood issues is prompt injection. It is not a vulnerability that can be fully patched or trained away.

Using the AI Agent action, you can now connect to and utilize tools from MCP servers. This connection allows you to extend the reach of your workflows by bridging the gap between Tines and your AI implementations. Whether using a remote server or one created in Tines, the opportunity to do more is at your fingertips. Read the docs for more information.

Infrastructure has always been the backbone of IT Operations, but its scope has expanded dramatically. Gone are the days when infrastructure meant only racks of on-premise servers and storage arrays. For many businesses, today's reality is a sprawling, interconnected landscape encompassing multi-cloud environments, modern software-as-a-service (SaaS) platforms, traditional data centers, and emerging edge workloads.